using System.Security.Claims;
using AuthZ.PolicyBased.Authorizations.AuthorizeAttributes;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace AuthZ.PolicyBased.Controllers;

/// <summary>
/// 授权验证演示
/// </summary>
[Authorize]
[ApiController]
[Route("api/[controller]/")]
public class PrivilegeController : ControllerBase
{
    /// <summary>
    /// 可以【匿名】访问
    /// </summary>
    [AllowAnonymous]
    [HttpGet("any")]
    public IActionResult Anonymous()
    {
        return Ok("访问成功");
    }
    
    [HttpGet("GetForAtLeast18Age")]
    [Authorize(Policy = "AtLeast18Age")]
    public IActionResult GetForAtLeast18Age()
    {
        return Ok("At least 18 age");
    }

    [HttpGet("GetForAtLeast20Age")]
    [MinimumAgeAuthorize(20)]
    public string GetForAtLeast20Age()
    {
        return "At least 20 age";
    }

    [HttpGet("GetForAtLeast25Age")]
    [MinimumAgeAuthorize(25)]
    public string GetForAtLeast25Age()
    {
        return "At least 25 age";
    }
}